Microsoft Windows: Kernel Data Protection

  • Thread starter Thread starter Bapun
  • Start date Start date
  • Replies Replies: Replies 0
  • Views Views: Views 693

Bapun

Staff member
Community Manager
Joined
3 Nov 2010
Messages
28,071
Solutions
9
Reaction score
38,870
Introducing Kernel Data Protection, a new platform security technology for preventing data corruption - Microsoft Security

Kernel Data Protection (KDP) is a new technology that prevents data corruption attacks by protecting parts of the Windows kernel and drivers through virtualization-based security (VBS). KDP is a set of APIs that provide the ability to mark some kernel memory as read-only, preventing attackers from ever modifying protected memory. For example, we’ve seen attackers use signed but vulnerable drivers to attack policy data structures and install a malicious, unsigned driver. KDP mitigates such attacks by ensuring that policy data structures cannot be tampered with.
 
Back
Top Bottom